Forum Discussion

Nimbostratus

Jan 28, 2016

x-frame-options settings not working in APM

I have /my.policy overwriting every attempt I've made to disable this clickjacking protection. I have a frame that needs to access APM and this damn header is constantly getting set. Using BIGIP 12, ...

BIG-IP Access Policy Manager (APM)

devops

irules

Lucas_Thompson_

Historic F5 Account

Jan 28, 2016

Try doing "bigstart restart". The ramcache in BIG-IP stores the pages for APM's HTTP server so that the server itself doesn't have to deal with incoming client requests. I tested this in v12.0 and it seems to be fine, but it does require a restart.

Lucas_Thompson_
Historic F5 Account
Jan 28, 2016
Also: The thing that has to be "none" isn't apm.xframeoptions.allowfrom , it's apm.xframeoptions. The alowfrom sets the domains, not "none".

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

x-frame-options settings not working in APM

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] - How to disable the SQL injection attack signatures

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Help with SSH Virtual Server

Related Content

Set x-frames-options header values depending on URI

Removing x-frame-options header from response when using APM

Clickjacking Protection Using X-FRAME-OPTIONS Available for Firefox

Working with JSON data in iRules - Part 1

Working with JSON data in iRules - Part 2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS